Windbg Symbol path – Part 1

Windbg Symbol path configuration

This part ” Windbg Symbol path – Part 1” is dedicated to the definition, verification of Windbg tool installation ,first look of windbg and impact on analysis if windbg symbol path is not configured.

Next blog with the title “Windbg Symbol path – Part 2” will be dedicated to Symbol path configuration in Windbg , through command prompt and global configuration of Symbol path for all Windows Tools [which we will discuss later on].

What is Symbol ?

A file with extension .pdb contains symbols related to the associated program . Here we are taking about Debugging Memory Dump file of an operating System , so the pdb file will be associated with the specific dll files or exe files of an operating system . In general , Symbol files contains a footprint of the functions that are contained in an executable files and the dynamic-link libraries (DLLs). Thus ,if you want to debugg an application , you need symbol file of that application.

These symbol files not only provides footprint but also present a roadmap of the function calls which leads to the point of failure. It helps in finding the root cause of the fault happened.

What is Symbol Path ?

For Microsoft tools

http://msdl.microsoft.com/download/symbols

For application ,you may need to contact application vendor, most of the time application debugging is done by Application Vendor.

SYMBOL PATH is a location where all the relevant and important publicly available pdb files are stored. We can download it locally for debugging purpose.

Configuring Symbol Path to the application or in the environment variable enables the access of Symbol files in order to understand the stacks in the debugging tool.

Above mentioned link is not browse-able. It is intended for access by the debugging application or to the application which need it for representation of the functions and its call.

Verifying Windows Debugging Tool Installation

If you have installed both version ,it doesn’t matter which version you are running. Both Windbg (x86) and Windbg (x64) will solve your purpose and both could be used for analysis of Memory dump from 32-bit or 64-bit architecture Operating System. Getting in depth regarding the difference is of no concern at the moment.

First Look of Windows debugger

Click on “Open Crash Dump …” or press “Ctrl+D” . A browser windows will pop-up so that you can upload the memory dump file . Its necessary that the file extension must be .dmp where as doesn’t matter with the file name.